not installing a route when policy gets updated

author: Martin Willi <martin@strongswan.org> 2007-03-20 08:15:18 +0000
committer: Martin Willi <martin@strongswan.org> 2007-03-20 08:15:18 +0000
commit: 44cd2bf0fa926f84e2909a6c8fb68b23e42809cf (patch)
tree: 011e09704f505b06cb1f63d5a8db9872c9ed1c20 /src
parent: a1e5881c42d27883116f883f6c13289c4810cfeb (diff)
download: strongswan-44cd2bf0fa926f84e2909a6c8fb68b23e42809cf.tar.bz2
strongswan-44cd2bf0fa926f84e2909a6c8fb68b23e42809cf.tar.xz
1 files changed, 8 insertions, 2 deletions
diff --git a/src/charon/threads/kernel_interface.c b/src/charon/threads/kernel_interface.c
index 43956b055..9ee788abf 100644
--- a/src/charon/threads/kernel_interface.c
+++ b/src/charon/threads/kernel_interface.c
@@ -1663,8 +1663,14 @@ static status_t add_policy(private_kernel_interface_t *this,
 		return FAILED;
 	}
 	
-	if (direction == POLICY_FWD && mode != MODE_TRANSPORT &&
-		src->get_family(src) != AF_INET6)
+	/* install a route, if:
+	 * - we are NOT updating a policy
+	 * - this is a forward policy (to just get one for each child)
+	 * - we are in tunnel mode
+	 * - we are not using IPv6 (does not work correctly yet!)
+	 */
+	if (policy->route == NULL && direction == POLICY_FWD &&
+		mode != MODE_TRANSPORT && src->get_family(src) != AF_INET6)
 	{
 		policy->route = malloc_thing(route_entry_t);
 		if (get_address_by_ts(this, dst_ts, &policy->route->src_ip) == SUCCESS)
author	Martin Willi <martin@strongswan.org>	2007-03-20 08:15:18 +0000
committer	Martin Willi <martin@strongswan.org>	2007-03-20 08:15:18 +0000
commit	44cd2bf0fa926f84e2909a6c8fb68b23e42809cf (patch)
tree	011e09704f505b06cb1f63d5a8db9872c9ed1c20 /src
parent	a1e5881c42d27883116f883f6c13289c4810cfeb (diff)
download	strongswan-44cd2bf0fa926f84e2909a6c8fb68b23e42809cf.tar.bz2 strongswan-44cd2bf0fa926f84e2909a6c8fb68b23e42809cf.tar.xz